TTUHSC IT Policies
1.4.10 NETWORK ACCESS
Local Area Networks
Supported LANs are those designed, installed, and operated by the Enterprise Network
team. Devices such as computers, printers, scanners, storage devices and arrays,
and video-conferencing systems may be connected to a network outlet within a supported
LAN with the approval of the campus RSC.
The following may not be connected to an outlet within the TTUHSC network without
prior written authorization of the CIO or their designee:
- Proxy servers and firewalls
- Systems or devices providing Virtual Private Networking (VPN) capability to the Internet
- Wireless access points or other wireless networking equipment (Refer to Wireless Access)
- Systems or devices containing a network adapter operating in promiscuous mode where
a node on a network accepts all packets, regardless of their destination address
- Systems performing Network Address Translation (NAT)
- Systems operating Domain Naming System (DNS), Windows Internet Naming System (WINS),
or Dynamic Host Configuration Protocol (DHCP) services.
- Windows Domain Controllers
All TTUHSC owned PCs and servers attached to the TTUHSC network must be members of
the TTUHSC domain and be defined in the appropriate Active Directory Organization
All modem connections must be approved by the CIO or their designee, and routed through
a modem pool or network device which utilizes an I.T. approved authentication system.
The connection of a device to the TTUHSC network that is accessible directly from
the Internet, without going through the TTUHSC firewall or an I.T. managed modem pool,
is a security risk. Typically, this is a modem device connected to a desktop computer
or server on the TTUHSC network which is set to automatically answer incoming calls
for connections to outside systems. Incoming connections to modems are not allowed
without CIO approval.
Remote Access Policy and Procedures
Remote access to the TTUHSC network provides users with the convenience of accessing
the Internet, their office computer, or information on network file shares to which
they have access. Along with this convenience, comes the need for appropriate security
controls to ensure that data transmitted is secure. Additionally, the network must
be protected from illicit use; and to ensure that viruses, malware, and other malicious
code are not allowed to propagate across the network.
This policy applies to all remote devices connected to the TTUHSC network infrastructure
through Internet access or direct dialup connections.
State and federal legislation requires TTUHSC to provide protection for sensitive
data such as patient information and student financial data. Therefore, TTUHSC personnel
must use a secure mechanism for accessing the TTUHSC network infrastructure remotely.
Additional information on remote access can be found at www.ITSolutions.ttuhsc.edu.
All users who connect remotely to the TTUHSC network must install an anti-virus software
on each computer. This anti-virus software must be updated regularly with new anti-virus
signatures. TTUHSC provides free McAfee Virus Scan licenses for home use by faculty,
staff, and students. This software can be downloaded at https://www.ttuhsc.edu/IT/security/mcafee/.
Any user accessing the TTUHSC network through an Internet connection (Satellite or
cable Internet connections) must connect using a Virtual Private Network connection (VPN).
VPN accounts are available at no cost for current faculty, staff, and students of
TTUHSC. VPN accounts can be requested at www.ITSolutions.ttuhsc.edu. An email response will usually be returned with account information and setup instructions
within 1 business day.
When a VPN account holder (employee or student) leaves TTUHSC, the account will be
disabled as soon as Information Technology is notified of the termination date. VPN
accounts will be set to automatically expire 12 months from the date the account is
created or renewed. At least one week before an account expires, an email will be
sent to the account holder reminding him/her to renew the account. The renewal request
can be filled out at www.ITSolutions.ttuhsc.edu.
Client Connection Setup
VPN services from connections outside the TTUHSC network are supported, provided that
VPN services are in compliance with the Internet Service Provider's policies.
All Institutional security policies are applicable to remote access users. Security
controls in place include appropriate authentication and Intrusion Prevention Services
(IPS). Monitoring and auditing will be conducted on the remote access connections
in the event of unusual network activity. Information Technology will disable a dial-up
or VPN account, based on recommendations from the I.T. Security Team, if network activity
from any remote access computer is disrupting computing services on the TTUHSC network.
TTUHSC Software Requirements
All systems connected to the TTUHSC network must have approved anti-virus software
(I.T. Policy 1.4.22, Viruses and other Malicious Code) installed and operational before the system is connected to the network. This software
must be configured to receive regular virus signature updates from the anti-virus
servers administered by the TTUHSC Information Security Officer and his/her staff.